Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-cxqa-pqca-pqgc
Summary
Apache Airflow, versions 2.6.0 through 2.7.3 has a stored XSS vulnerability that allows a DAG author to add an unbounded and not-sanitized javascript in the parameter description field of the DAG. This Javascript can be executed on the client side of any of the user who looks at the tasks in the browser sandbox. While this issue does not allow to exit the browser sandbox or manipulation of the server-side data - more than the DAG author already has, it allows to modify what the user looking at the DAG details sees in the browser - which opens up all kinds of possibilities of misleading other users.

Users of Apache Airflow are recommended to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability
Aliases
0
alias BIT-airflow-2023-47265
1
alias CVE-2023-47265
2
alias GHSA-pxch-wr7m-rwxj
3
alias PYSEC-2023-264
Fixed_packages
0
url pkg:pypi/apache-airflow@2.8.0b1
purl pkg:pypi/apache-airflow@2.8.0b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1azm-hsvr-f3e8
1
vulnerability VCID-4u8d-ezsr-sqcz
2
vulnerability VCID-82p8-yujf-hkdd
3
vulnerability VCID-8m3p-yzr8-yyhj
4
vulnerability VCID-arbk-dryb-qkda
5
vulnerability VCID-hpf3-3z3m-6ydt
6
vulnerability VCID-j6uh-kx6m-sydp
7
vulnerability VCID-kb4a-mm13-63bj
8
vulnerability VCID-mbgq-fq5n-kufh
9
vulnerability VCID-nfbc-tutd-37bw
10
vulnerability VCID-rysu-xhvt-yqda
11
vulnerability VCID-tpjn-4kru-vucv
12
vulnerability VCID-vras-f42j-xqfg
13
vulnerability VCID-w8ff-8479-rbfq
14
vulnerability VCID-xwza-guvs-83a9
15
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.8.0b1
Affected_packages
0
url pkg:pypi/apache-airflow@2.6.0
purl pkg:pypi/apache-airflow@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-1tvn-y85f-jkb9
4
vulnerability VCID-2q7x-bua5-37h7
5
vulnerability VCID-4u8d-ezsr-sqcz
6
vulnerability VCID-7z8j-8f4d-53dm
7
vulnerability VCID-82p8-yujf-hkdd
8
vulnerability VCID-8m3p-yzr8-yyhj
9
vulnerability VCID-8npr-rvfd-jkfj
10
vulnerability VCID-8ykk-1kak-6bfd
11
vulnerability VCID-arbk-dryb-qkda
12
vulnerability VCID-cxqa-pqca-pqgc
13
vulnerability VCID-d3kc-fn21-xqar
14
vulnerability VCID-dk1y-938p-k3bv
15
vulnerability VCID-fctg-457f-4uae
16
vulnerability VCID-hgq2-kuex-y3a3
17
vulnerability VCID-hpf3-3z3m-6ydt
18
vulnerability VCID-j6uh-kx6m-sydp
19
vulnerability VCID-kb4a-mm13-63bj
20
vulnerability VCID-mbgq-fq5n-kufh
21
vulnerability VCID-nfbc-tutd-37bw
22
vulnerability VCID-pmtw-nwnc-nyfw
23
vulnerability VCID-rysu-xhvt-yqda
24
vulnerability VCID-s49h-br5r-5yh8
25
vulnerability VCID-tpjn-4kru-vucv
26
vulnerability VCID-vj7z-pmk3-cydg
27
vulnerability VCID-vras-f42j-xqfg
28
vulnerability VCID-vy44-rbar-w3fn
29
vulnerability VCID-w8ff-8479-rbfq
30
vulnerability VCID-xwza-guvs-83a9
31
vulnerability VCID-yrx8-dtav-83av
32
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.0
1
url pkg:pypi/apache-airflow@2.6.1rc1
purl pkg:pypi/apache-airflow@2.6.1rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-1tvn-y85f-jkb9
4
vulnerability VCID-2q7x-bua5-37h7
5
vulnerability VCID-4u8d-ezsr-sqcz
6
vulnerability VCID-7z8j-8f4d-53dm
7
vulnerability VCID-82p8-yujf-hkdd
8
vulnerability VCID-8m3p-yzr8-yyhj
9
vulnerability VCID-8npr-rvfd-jkfj
10
vulnerability VCID-8ykk-1kak-6bfd
11
vulnerability VCID-arbk-dryb-qkda
12
vulnerability VCID-cxqa-pqca-pqgc
13
vulnerability VCID-d3kc-fn21-xqar
14
vulnerability VCID-dk1y-938p-k3bv
15
vulnerability VCID-fctg-457f-4uae
16
vulnerability VCID-hgq2-kuex-y3a3
17
vulnerability VCID-hpf3-3z3m-6ydt
18
vulnerability VCID-j6uh-kx6m-sydp
19
vulnerability VCID-kb4a-mm13-63bj
20
vulnerability VCID-mbgq-fq5n-kufh
21
vulnerability VCID-nfbc-tutd-37bw
22
vulnerability VCID-pmtw-nwnc-nyfw
23
vulnerability VCID-rysu-xhvt-yqda
24
vulnerability VCID-s49h-br5r-5yh8
25
vulnerability VCID-tpjn-4kru-vucv
26
vulnerability VCID-vj7z-pmk3-cydg
27
vulnerability VCID-vras-f42j-xqfg
28
vulnerability VCID-vy44-rbar-w3fn
29
vulnerability VCID-w8ff-8479-rbfq
30
vulnerability VCID-xwza-guvs-83a9
31
vulnerability VCID-yrx8-dtav-83av
32
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.1rc1
2
url pkg:pypi/apache-airflow@2.6.1rc2
purl pkg:pypi/apache-airflow@2.6.1rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-1tvn-y85f-jkb9
4
vulnerability VCID-2q7x-bua5-37h7
5
vulnerability VCID-4u8d-ezsr-sqcz
6
vulnerability VCID-7z8j-8f4d-53dm
7
vulnerability VCID-82p8-yujf-hkdd
8
vulnerability VCID-8m3p-yzr8-yyhj
9
vulnerability VCID-8npr-rvfd-jkfj
10
vulnerability VCID-8ykk-1kak-6bfd
11
vulnerability VCID-arbk-dryb-qkda
12
vulnerability VCID-cxqa-pqca-pqgc
13
vulnerability VCID-d3kc-fn21-xqar
14
vulnerability VCID-dk1y-938p-k3bv
15
vulnerability VCID-fctg-457f-4uae
16
vulnerability VCID-hgq2-kuex-y3a3
17
vulnerability VCID-hpf3-3z3m-6ydt
18
vulnerability VCID-j6uh-kx6m-sydp
19
vulnerability VCID-kb4a-mm13-63bj
20
vulnerability VCID-mbgq-fq5n-kufh
21
vulnerability VCID-nfbc-tutd-37bw
22
vulnerability VCID-pmtw-nwnc-nyfw
23
vulnerability VCID-rysu-xhvt-yqda
24
vulnerability VCID-s49h-br5r-5yh8
25
vulnerability VCID-tpjn-4kru-vucv
26
vulnerability VCID-vj7z-pmk3-cydg
27
vulnerability VCID-vras-f42j-xqfg
28
vulnerability VCID-vy44-rbar-w3fn
29
vulnerability VCID-w8ff-8479-rbfq
30
vulnerability VCID-xwza-guvs-83a9
31
vulnerability VCID-yrx8-dtav-83av
32
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.1rc2
3
url pkg:pypi/apache-airflow@2.6.1rc3
purl pkg:pypi/apache-airflow@2.6.1rc3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-1tvn-y85f-jkb9
4
vulnerability VCID-2q7x-bua5-37h7
5
vulnerability VCID-4u8d-ezsr-sqcz
6
vulnerability VCID-7z8j-8f4d-53dm
7
vulnerability VCID-82p8-yujf-hkdd
8
vulnerability VCID-8m3p-yzr8-yyhj
9
vulnerability VCID-8npr-rvfd-jkfj
10
vulnerability VCID-8ykk-1kak-6bfd
11
vulnerability VCID-arbk-dryb-qkda
12
vulnerability VCID-cxqa-pqca-pqgc
13
vulnerability VCID-d3kc-fn21-xqar
14
vulnerability VCID-dk1y-938p-k3bv
15
vulnerability VCID-fctg-457f-4uae
16
vulnerability VCID-hgq2-kuex-y3a3
17
vulnerability VCID-hpf3-3z3m-6ydt
18
vulnerability VCID-j6uh-kx6m-sydp
19
vulnerability VCID-kb4a-mm13-63bj
20
vulnerability VCID-mbgq-fq5n-kufh
21
vulnerability VCID-nfbc-tutd-37bw
22
vulnerability VCID-pmtw-nwnc-nyfw
23
vulnerability VCID-rysu-xhvt-yqda
24
vulnerability VCID-s49h-br5r-5yh8
25
vulnerability VCID-tpjn-4kru-vucv
26
vulnerability VCID-vj7z-pmk3-cydg
27
vulnerability VCID-vras-f42j-xqfg
28
vulnerability VCID-vy44-rbar-w3fn
29
vulnerability VCID-w8ff-8479-rbfq
30
vulnerability VCID-xwza-guvs-83a9
31
vulnerability VCID-yrx8-dtav-83av
32
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.1rc3
4
url pkg:pypi/apache-airflow@2.6.1
purl pkg:pypi/apache-airflow@2.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-1tvn-y85f-jkb9
4
vulnerability VCID-2q7x-bua5-37h7
5
vulnerability VCID-4u8d-ezsr-sqcz
6
vulnerability VCID-7z8j-8f4d-53dm
7
vulnerability VCID-82p8-yujf-hkdd
8
vulnerability VCID-8m3p-yzr8-yyhj
9
vulnerability VCID-8npr-rvfd-jkfj
10
vulnerability VCID-8ykk-1kak-6bfd
11
vulnerability VCID-arbk-dryb-qkda
12
vulnerability VCID-cxqa-pqca-pqgc
13
vulnerability VCID-d3kc-fn21-xqar
14
vulnerability VCID-dk1y-938p-k3bv
15
vulnerability VCID-fctg-457f-4uae
16
vulnerability VCID-hgq2-kuex-y3a3
17
vulnerability VCID-hpf3-3z3m-6ydt
18
vulnerability VCID-j6uh-kx6m-sydp
19
vulnerability VCID-kb4a-mm13-63bj
20
vulnerability VCID-mbgq-fq5n-kufh
21
vulnerability VCID-nfbc-tutd-37bw
22
vulnerability VCID-pmtw-nwnc-nyfw
23
vulnerability VCID-rysu-xhvt-yqda
24
vulnerability VCID-s49h-br5r-5yh8
25
vulnerability VCID-tpjn-4kru-vucv
26
vulnerability VCID-vj7z-pmk3-cydg
27
vulnerability VCID-vras-f42j-xqfg
28
vulnerability VCID-vy44-rbar-w3fn
29
vulnerability VCID-w8ff-8479-rbfq
30
vulnerability VCID-xwza-guvs-83a9
31
vulnerability VCID-yrx8-dtav-83av
32
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.1
5
url pkg:pypi/apache-airflow@2.6.2rc1
purl pkg:pypi/apache-airflow@2.6.2rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-1tvn-y85f-jkb9
4
vulnerability VCID-2q7x-bua5-37h7
5
vulnerability VCID-4u8d-ezsr-sqcz
6
vulnerability VCID-7z8j-8f4d-53dm
7
vulnerability VCID-82p8-yujf-hkdd
8
vulnerability VCID-8m3p-yzr8-yyhj
9
vulnerability VCID-8npr-rvfd-jkfj
10
vulnerability VCID-8ykk-1kak-6bfd
11
vulnerability VCID-arbk-dryb-qkda
12
vulnerability VCID-cxqa-pqca-pqgc
13
vulnerability VCID-d3kc-fn21-xqar
14
vulnerability VCID-dk1y-938p-k3bv
15
vulnerability VCID-fctg-457f-4uae
16
vulnerability VCID-hgq2-kuex-y3a3
17
vulnerability VCID-hpf3-3z3m-6ydt
18
vulnerability VCID-j6uh-kx6m-sydp
19
vulnerability VCID-kb4a-mm13-63bj
20
vulnerability VCID-mbgq-fq5n-kufh
21
vulnerability VCID-nfbc-tutd-37bw
22
vulnerability VCID-pmtw-nwnc-nyfw
23
vulnerability VCID-rysu-xhvt-yqda
24
vulnerability VCID-s49h-br5r-5yh8
25
vulnerability VCID-tpjn-4kru-vucv
26
vulnerability VCID-vj7z-pmk3-cydg
27
vulnerability VCID-vras-f42j-xqfg
28
vulnerability VCID-vy44-rbar-w3fn
29
vulnerability VCID-w8ff-8479-rbfq
30
vulnerability VCID-xwza-guvs-83a9
31
vulnerability VCID-yrx8-dtav-83av
32
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.2rc1
6
url pkg:pypi/apache-airflow@2.6.2rc2
purl pkg:pypi/apache-airflow@2.6.2rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-1tvn-y85f-jkb9
4
vulnerability VCID-2q7x-bua5-37h7
5
vulnerability VCID-4u8d-ezsr-sqcz
6
vulnerability VCID-7z8j-8f4d-53dm
7
vulnerability VCID-82p8-yujf-hkdd
8
vulnerability VCID-8m3p-yzr8-yyhj
9
vulnerability VCID-8npr-rvfd-jkfj
10
vulnerability VCID-8ykk-1kak-6bfd
11
vulnerability VCID-arbk-dryb-qkda
12
vulnerability VCID-cxqa-pqca-pqgc
13
vulnerability VCID-d3kc-fn21-xqar
14
vulnerability VCID-dk1y-938p-k3bv
15
vulnerability VCID-fctg-457f-4uae
16
vulnerability VCID-hgq2-kuex-y3a3
17
vulnerability VCID-hpf3-3z3m-6ydt
18
vulnerability VCID-j6uh-kx6m-sydp
19
vulnerability VCID-kb4a-mm13-63bj
20
vulnerability VCID-mbgq-fq5n-kufh
21
vulnerability VCID-nfbc-tutd-37bw
22
vulnerability VCID-pmtw-nwnc-nyfw
23
vulnerability VCID-rysu-xhvt-yqda
24
vulnerability VCID-s49h-br5r-5yh8
25
vulnerability VCID-tpjn-4kru-vucv
26
vulnerability VCID-vj7z-pmk3-cydg
27
vulnerability VCID-vras-f42j-xqfg
28
vulnerability VCID-vy44-rbar-w3fn
29
vulnerability VCID-w8ff-8479-rbfq
30
vulnerability VCID-xwza-guvs-83a9
31
vulnerability VCID-yrx8-dtav-83av
32
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.2rc2
7
url pkg:pypi/apache-airflow@2.6.2
purl pkg:pypi/apache-airflow@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-2q7x-bua5-37h7
4
vulnerability VCID-4u8d-ezsr-sqcz
5
vulnerability VCID-7z8j-8f4d-53dm
6
vulnerability VCID-82p8-yujf-hkdd
7
vulnerability VCID-8m3p-yzr8-yyhj
8
vulnerability VCID-8npr-rvfd-jkfj
9
vulnerability VCID-8ykk-1kak-6bfd
10
vulnerability VCID-arbk-dryb-qkda
11
vulnerability VCID-cxqa-pqca-pqgc
12
vulnerability VCID-d3kc-fn21-xqar
13
vulnerability VCID-dk1y-938p-k3bv
14
vulnerability VCID-fctg-457f-4uae
15
vulnerability VCID-hgq2-kuex-y3a3
16
vulnerability VCID-hpf3-3z3m-6ydt
17
vulnerability VCID-j6uh-kx6m-sydp
18
vulnerability VCID-kb4a-mm13-63bj
19
vulnerability VCID-mbgq-fq5n-kufh
20
vulnerability VCID-nfbc-tutd-37bw
21
vulnerability VCID-pmtw-nwnc-nyfw
22
vulnerability VCID-rysu-xhvt-yqda
23
vulnerability VCID-s49h-br5r-5yh8
24
vulnerability VCID-tpjn-4kru-vucv
25
vulnerability VCID-vj7z-pmk3-cydg
26
vulnerability VCID-vras-f42j-xqfg
27
vulnerability VCID-vy44-rbar-w3fn
28
vulnerability VCID-w8ff-8479-rbfq
29
vulnerability VCID-xwza-guvs-83a9
30
vulnerability VCID-yrx8-dtav-83av
31
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.2
8
url pkg:pypi/apache-airflow@2.6.3rc1
purl pkg:pypi/apache-airflow@2.6.3rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-1ptn-xvsy-d3hu
3
vulnerability VCID-2q7x-bua5-37h7
4
vulnerability VCID-4u8d-ezsr-sqcz
5
vulnerability VCID-7z8j-8f4d-53dm
6
vulnerability VCID-82p8-yujf-hkdd
7
vulnerability VCID-8m3p-yzr8-yyhj
8
vulnerability VCID-8npr-rvfd-jkfj
9
vulnerability VCID-8ykk-1kak-6bfd
10
vulnerability VCID-arbk-dryb-qkda
11
vulnerability VCID-cxqa-pqca-pqgc
12
vulnerability VCID-d3kc-fn21-xqar
13
vulnerability VCID-dk1y-938p-k3bv
14
vulnerability VCID-fctg-457f-4uae
15
vulnerability VCID-hgq2-kuex-y3a3
16
vulnerability VCID-hpf3-3z3m-6ydt
17
vulnerability VCID-j6uh-kx6m-sydp
18
vulnerability VCID-kb4a-mm13-63bj
19
vulnerability VCID-mbgq-fq5n-kufh
20
vulnerability VCID-nfbc-tutd-37bw
21
vulnerability VCID-pmtw-nwnc-nyfw
22
vulnerability VCID-rysu-xhvt-yqda
23
vulnerability VCID-s49h-br5r-5yh8
24
vulnerability VCID-tpjn-4kru-vucv
25
vulnerability VCID-vj7z-pmk3-cydg
26
vulnerability VCID-vras-f42j-xqfg
27
vulnerability VCID-vy44-rbar-w3fn
28
vulnerability VCID-w8ff-8479-rbfq
29
vulnerability VCID-xwza-guvs-83a9
30
vulnerability VCID-yrx8-dtav-83av
31
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.3rc1
9
url pkg:pypi/apache-airflow@2.6.3
purl pkg:pypi/apache-airflow@2.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-2q7x-bua5-37h7
3
vulnerability VCID-4u8d-ezsr-sqcz
4
vulnerability VCID-82p8-yujf-hkdd
5
vulnerability VCID-8m3p-yzr8-yyhj
6
vulnerability VCID-8npr-rvfd-jkfj
7
vulnerability VCID-8ykk-1kak-6bfd
8
vulnerability VCID-arbk-dryb-qkda
9
vulnerability VCID-cxqa-pqca-pqgc
10
vulnerability VCID-fctg-457f-4uae
11
vulnerability VCID-hgq2-kuex-y3a3
12
vulnerability VCID-hpf3-3z3m-6ydt
13
vulnerability VCID-j6uh-kx6m-sydp
14
vulnerability VCID-kb4a-mm13-63bj
15
vulnerability VCID-mbgq-fq5n-kufh
16
vulnerability VCID-nfbc-tutd-37bw
17
vulnerability VCID-pmtw-nwnc-nyfw
18
vulnerability VCID-rysu-xhvt-yqda
19
vulnerability VCID-s49h-br5r-5yh8
20
vulnerability VCID-tpjn-4kru-vucv
21
vulnerability VCID-vj7z-pmk3-cydg
22
vulnerability VCID-vras-f42j-xqfg
23
vulnerability VCID-w8ff-8479-rbfq
24
vulnerability VCID-xwza-guvs-83a9
25
vulnerability VCID-yrx8-dtav-83av
26
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.6.3
10
url pkg:pypi/apache-airflow@2.7.0b1
purl pkg:pypi/apache-airflow@2.7.0b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-2q7x-bua5-37h7
3
vulnerability VCID-4u8d-ezsr-sqcz
4
vulnerability VCID-82p8-yujf-hkdd
5
vulnerability VCID-8m3p-yzr8-yyhj
6
vulnerability VCID-8npr-rvfd-jkfj
7
vulnerability VCID-8ykk-1kak-6bfd
8
vulnerability VCID-arbk-dryb-qkda
9
vulnerability VCID-cxqa-pqca-pqgc
10
vulnerability VCID-fctg-457f-4uae
11
vulnerability VCID-hgq2-kuex-y3a3
12
vulnerability VCID-hpf3-3z3m-6ydt
13
vulnerability VCID-j6uh-kx6m-sydp
14
vulnerability VCID-kb4a-mm13-63bj
15
vulnerability VCID-mbgq-fq5n-kufh
16
vulnerability VCID-nfbc-tutd-37bw
17
vulnerability VCID-pmtw-nwnc-nyfw
18
vulnerability VCID-rysu-xhvt-yqda
19
vulnerability VCID-s49h-br5r-5yh8
20
vulnerability VCID-tpjn-4kru-vucv
21
vulnerability VCID-vj7z-pmk3-cydg
22
vulnerability VCID-vras-f42j-xqfg
23
vulnerability VCID-w8ff-8479-rbfq
24
vulnerability VCID-xwza-guvs-83a9
25
vulnerability VCID-yrx8-dtav-83av
26
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.0b1
11
url pkg:pypi/apache-airflow@2.7.0rc1
purl pkg:pypi/apache-airflow@2.7.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-2q7x-bua5-37h7
3
vulnerability VCID-4u8d-ezsr-sqcz
4
vulnerability VCID-82p8-yujf-hkdd
5
vulnerability VCID-8m3p-yzr8-yyhj
6
vulnerability VCID-8npr-rvfd-jkfj
7
vulnerability VCID-8ykk-1kak-6bfd
8
vulnerability VCID-arbk-dryb-qkda
9
vulnerability VCID-cxqa-pqca-pqgc
10
vulnerability VCID-fctg-457f-4uae
11
vulnerability VCID-hgq2-kuex-y3a3
12
vulnerability VCID-hpf3-3z3m-6ydt
13
vulnerability VCID-j6uh-kx6m-sydp
14
vulnerability VCID-kb4a-mm13-63bj
15
vulnerability VCID-mbgq-fq5n-kufh
16
vulnerability VCID-nfbc-tutd-37bw
17
vulnerability VCID-pmtw-nwnc-nyfw
18
vulnerability VCID-rysu-xhvt-yqda
19
vulnerability VCID-s49h-br5r-5yh8
20
vulnerability VCID-tpjn-4kru-vucv
21
vulnerability VCID-vj7z-pmk3-cydg
22
vulnerability VCID-vras-f42j-xqfg
23
vulnerability VCID-w8ff-8479-rbfq
24
vulnerability VCID-xwza-guvs-83a9
25
vulnerability VCID-yrx8-dtav-83av
26
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.0rc1
12
url pkg:pypi/apache-airflow@2.7.0rc2
purl pkg:pypi/apache-airflow@2.7.0rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-2q7x-bua5-37h7
3
vulnerability VCID-4u8d-ezsr-sqcz
4
vulnerability VCID-82p8-yujf-hkdd
5
vulnerability VCID-8m3p-yzr8-yyhj
6
vulnerability VCID-8npr-rvfd-jkfj
7
vulnerability VCID-8ykk-1kak-6bfd
8
vulnerability VCID-arbk-dryb-qkda
9
vulnerability VCID-cxqa-pqca-pqgc
10
vulnerability VCID-fctg-457f-4uae
11
vulnerability VCID-hgq2-kuex-y3a3
12
vulnerability VCID-hpf3-3z3m-6ydt
13
vulnerability VCID-j6uh-kx6m-sydp
14
vulnerability VCID-kb4a-mm13-63bj
15
vulnerability VCID-mbgq-fq5n-kufh
16
vulnerability VCID-nfbc-tutd-37bw
17
vulnerability VCID-pmtw-nwnc-nyfw
18
vulnerability VCID-rysu-xhvt-yqda
19
vulnerability VCID-s49h-br5r-5yh8
20
vulnerability VCID-tpjn-4kru-vucv
21
vulnerability VCID-vj7z-pmk3-cydg
22
vulnerability VCID-vras-f42j-xqfg
23
vulnerability VCID-w8ff-8479-rbfq
24
vulnerability VCID-xwza-guvs-83a9
25
vulnerability VCID-yrx8-dtav-83av
26
vulnerability VCID-z5b8-kcbh-m7hr
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.0rc2
13
url pkg:pypi/apache-airflow@2.7.0
purl pkg:pypi/apache-airflow@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-2q7x-bua5-37h7
3
vulnerability VCID-4u8d-ezsr-sqcz
4
vulnerability VCID-63fw-ggbk-9ycy
5
vulnerability VCID-82p8-yujf-hkdd
6
vulnerability VCID-8m3p-yzr8-yyhj
7
vulnerability VCID-8npr-rvfd-jkfj
8
vulnerability VCID-8ykk-1kak-6bfd
9
vulnerability VCID-arbk-dryb-qkda
10
vulnerability VCID-cxqa-pqca-pqgc
11
vulnerability VCID-fctg-457f-4uae
12
vulnerability VCID-g9j4-fhpm-uuba
13
vulnerability VCID-hgq2-kuex-y3a3
14
vulnerability VCID-hpf3-3z3m-6ydt
15
vulnerability VCID-j6uh-kx6m-sydp
16
vulnerability VCID-kb4a-mm13-63bj
17
vulnerability VCID-mbgq-fq5n-kufh
18
vulnerability VCID-nfbc-tutd-37bw
19
vulnerability VCID-pmtw-nwnc-nyfw
20
vulnerability VCID-rysu-xhvt-yqda
21
vulnerability VCID-s49h-br5r-5yh8
22
vulnerability VCID-tpjn-4kru-vucv
23
vulnerability VCID-unq1-wwfg-6ydk
24
vulnerability VCID-vras-f42j-xqfg
25
vulnerability VCID-w8ff-8479-rbfq
26
vulnerability VCID-xwza-guvs-83a9
27
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.0
14
url pkg:pypi/apache-airflow@2.7.1rc1
purl pkg:pypi/apache-airflow@2.7.1rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-4u8d-ezsr-sqcz
3
vulnerability VCID-63fw-ggbk-9ycy
4
vulnerability VCID-82p8-yujf-hkdd
5
vulnerability VCID-8m3p-yzr8-yyhj
6
vulnerability VCID-8npr-rvfd-jkfj
7
vulnerability VCID-8ykk-1kak-6bfd
8
vulnerability VCID-arbk-dryb-qkda
9
vulnerability VCID-cxqa-pqca-pqgc
10
vulnerability VCID-fctg-457f-4uae
11
vulnerability VCID-hgq2-kuex-y3a3
12
vulnerability VCID-hpf3-3z3m-6ydt
13
vulnerability VCID-j6uh-kx6m-sydp
14
vulnerability VCID-kb4a-mm13-63bj
15
vulnerability VCID-mbgq-fq5n-kufh
16
vulnerability VCID-nfbc-tutd-37bw
17
vulnerability VCID-pmtw-nwnc-nyfw
18
vulnerability VCID-rysu-xhvt-yqda
19
vulnerability VCID-s49h-br5r-5yh8
20
vulnerability VCID-tpjn-4kru-vucv
21
vulnerability VCID-unq1-wwfg-6ydk
22
vulnerability VCID-vras-f42j-xqfg
23
vulnerability VCID-w8ff-8479-rbfq
24
vulnerability VCID-xwza-guvs-83a9
25
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.1rc1
15
url pkg:pypi/apache-airflow@2.7.1rc2
purl pkg:pypi/apache-airflow@2.7.1rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-4u8d-ezsr-sqcz
3
vulnerability VCID-63fw-ggbk-9ycy
4
vulnerability VCID-82p8-yujf-hkdd
5
vulnerability VCID-8m3p-yzr8-yyhj
6
vulnerability VCID-8npr-rvfd-jkfj
7
vulnerability VCID-8ykk-1kak-6bfd
8
vulnerability VCID-arbk-dryb-qkda
9
vulnerability VCID-cxqa-pqca-pqgc
10
vulnerability VCID-fctg-457f-4uae
11
vulnerability VCID-hgq2-kuex-y3a3
12
vulnerability VCID-hpf3-3z3m-6ydt
13
vulnerability VCID-j6uh-kx6m-sydp
14
vulnerability VCID-kb4a-mm13-63bj
15
vulnerability VCID-mbgq-fq5n-kufh
16
vulnerability VCID-nfbc-tutd-37bw
17
vulnerability VCID-pmtw-nwnc-nyfw
18
vulnerability VCID-rysu-xhvt-yqda
19
vulnerability VCID-s49h-br5r-5yh8
20
vulnerability VCID-tpjn-4kru-vucv
21
vulnerability VCID-unq1-wwfg-6ydk
22
vulnerability VCID-vras-f42j-xqfg
23
vulnerability VCID-w8ff-8479-rbfq
24
vulnerability VCID-xwza-guvs-83a9
25
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.1rc2
16
url pkg:pypi/apache-airflow@2.7.1
purl pkg:pypi/apache-airflow@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-4u8d-ezsr-sqcz
3
vulnerability VCID-63fw-ggbk-9ycy
4
vulnerability VCID-82p8-yujf-hkdd
5
vulnerability VCID-8m3p-yzr8-yyhj
6
vulnerability VCID-8ykk-1kak-6bfd
7
vulnerability VCID-arbk-dryb-qkda
8
vulnerability VCID-cxqa-pqca-pqgc
9
vulnerability VCID-fctg-457f-4uae
10
vulnerability VCID-hgq2-kuex-y3a3
11
vulnerability VCID-hpf3-3z3m-6ydt
12
vulnerability VCID-j6uh-kx6m-sydp
13
vulnerability VCID-kb4a-mm13-63bj
14
vulnerability VCID-mbgq-fq5n-kufh
15
vulnerability VCID-nfbc-tutd-37bw
16
vulnerability VCID-pmtw-nwnc-nyfw
17
vulnerability VCID-rysu-xhvt-yqda
18
vulnerability VCID-tpjn-4kru-vucv
19
vulnerability VCID-unq1-wwfg-6ydk
20
vulnerability VCID-vras-f42j-xqfg
21
vulnerability VCID-w8ff-8479-rbfq
22
vulnerability VCID-xwza-guvs-83a9
23
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.1
17
url pkg:pypi/apache-airflow@2.7.2rc1
purl pkg:pypi/apache-airflow@2.7.2rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-4u8d-ezsr-sqcz
3
vulnerability VCID-63fw-ggbk-9ycy
4
vulnerability VCID-82p8-yujf-hkdd
5
vulnerability VCID-8m3p-yzr8-yyhj
6
vulnerability VCID-8ykk-1kak-6bfd
7
vulnerability VCID-arbk-dryb-qkda
8
vulnerability VCID-cxqa-pqca-pqgc
9
vulnerability VCID-fctg-457f-4uae
10
vulnerability VCID-hgq2-kuex-y3a3
11
vulnerability VCID-hpf3-3z3m-6ydt
12
vulnerability VCID-j6uh-kx6m-sydp
13
vulnerability VCID-kb4a-mm13-63bj
14
vulnerability VCID-mbgq-fq5n-kufh
15
vulnerability VCID-nfbc-tutd-37bw
16
vulnerability VCID-pmtw-nwnc-nyfw
17
vulnerability VCID-rysu-xhvt-yqda
18
vulnerability VCID-tpjn-4kru-vucv
19
vulnerability VCID-unq1-wwfg-6ydk
20
vulnerability VCID-vras-f42j-xqfg
21
vulnerability VCID-w8ff-8479-rbfq
22
vulnerability VCID-xwza-guvs-83a9
23
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.2rc1
18
url pkg:pypi/apache-airflow@2.7.2
purl pkg:pypi/apache-airflow@2.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-4u8d-ezsr-sqcz
3
vulnerability VCID-82p8-yujf-hkdd
4
vulnerability VCID-8m3p-yzr8-yyhj
5
vulnerability VCID-arbk-dryb-qkda
6
vulnerability VCID-cxqa-pqca-pqgc
7
vulnerability VCID-fctg-457f-4uae
8
vulnerability VCID-hpf3-3z3m-6ydt
9
vulnerability VCID-j6uh-kx6m-sydp
10
vulnerability VCID-kb4a-mm13-63bj
11
vulnerability VCID-mbgq-fq5n-kufh
12
vulnerability VCID-nfbc-tutd-37bw
13
vulnerability VCID-rysu-xhvt-yqda
14
vulnerability VCID-tpjn-4kru-vucv
15
vulnerability VCID-unq1-wwfg-6ydk
16
vulnerability VCID-vras-f42j-xqfg
17
vulnerability VCID-w8ff-8479-rbfq
18
vulnerability VCID-xwza-guvs-83a9
19
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.2
19
url pkg:pypi/apache-airflow@2.7.3rc1
purl pkg:pypi/apache-airflow@2.7.3rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1963-1kyn-2ban
1
vulnerability VCID-1azm-hsvr-f3e8
2
vulnerability VCID-4u8d-ezsr-sqcz
3
vulnerability VCID-82p8-yujf-hkdd
4
vulnerability VCID-8m3p-yzr8-yyhj
5
vulnerability VCID-arbk-dryb-qkda
6
vulnerability VCID-cxqa-pqca-pqgc
7
vulnerability VCID-fctg-457f-4uae
8
vulnerability VCID-hpf3-3z3m-6ydt
9
vulnerability VCID-j6uh-kx6m-sydp
10
vulnerability VCID-kb4a-mm13-63bj
11
vulnerability VCID-mbgq-fq5n-kufh
12
vulnerability VCID-nfbc-tutd-37bw
13
vulnerability VCID-rysu-xhvt-yqda
14
vulnerability VCID-tpjn-4kru-vucv
15
vulnerability VCID-unq1-wwfg-6ydk
16
vulnerability VCID-vras-f42j-xqfg
17
vulnerability VCID-w8ff-8479-rbfq
18
vulnerability VCID-xwza-guvs-83a9
19
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.3rc1
20
url pkg:pypi/apache-airflow@2.7.3
purl pkg:pypi/apache-airflow@2.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1azm-hsvr-f3e8
1
vulnerability VCID-4u8d-ezsr-sqcz
2
vulnerability VCID-82p8-yujf-hkdd
3
vulnerability VCID-8m3p-yzr8-yyhj
4
vulnerability VCID-arbk-dryb-qkda
5
vulnerability VCID-cxqa-pqca-pqgc
6
vulnerability VCID-hpf3-3z3m-6ydt
7
vulnerability VCID-j6uh-kx6m-sydp
8
vulnerability VCID-kb4a-mm13-63bj
9
vulnerability VCID-mbgq-fq5n-kufh
10
vulnerability VCID-nfbc-tutd-37bw
11
vulnerability VCID-rysu-xhvt-yqda
12
vulnerability VCID-tpjn-4kru-vucv
13
vulnerability VCID-unq1-wwfg-6ydk
14
vulnerability VCID-vras-f42j-xqfg
15
vulnerability VCID-w8ff-8479-rbfq
16
vulnerability VCID-xwza-guvs-83a9
17
vulnerability VCID-yrx8-dtav-83av
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/apache-airflow@2.7.3
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-47265
reference_id
reference_type
scores
0
value 0.00192
scoring_system epss
scoring_elements 0.40983
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-47265
1
reference_url https://github.com/apache/airflow
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/airflow
2
reference_url https://github.com/apache/airflow/commit/0b995602e6e5894ee31625a4dd0e6aa255d2a651
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/airflow/commit/0b995602e6e5894ee31625a4dd0e6aa255d2a651
3
reference_url https://github.com/apache/airflow/pull/35460
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/airflow/pull/35460
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2023-264.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2023-264.yaml
5
reference_url https://lists.apache.org/thread/128f3zl375vb1qv93k82zhnwkpl233pr
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/128f3zl375vb1qv93k82zhnwkpl233pr
6
reference_url http://www.openwall.com/lists/oss-security/2023/12/21/2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/12/21/2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-47265
reference_id CVE-2023-47265
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-47265
8
reference_url https://github.com/advisories/GHSA-pxch-wr7m-rwxj
reference_id GHSA-pxch-wr7m-rwxj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pxch-wr7m-rwxj
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity4.9
Risk_score2.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-cxqa-pqca-pqgc